Security News > 2019 > August > Backdoored Ruby gems stole credentials, injected cryptomining code

The compromise of several older versions of a popular Ruby software package (aka a Ruby “gem”) has led to the discovery of a more widespread effort to inject malware and mining software through Trojanized gems. What happened? Two days ago, developer Jussi Koljonen announced that a compromised version of rest-client, a popular HTTP and REST client for Ruby, has apparently been uploaded to RubyGems, the Ruby community’s gem hosting service. The injected code would fetch … More → The post Backdoored Ruby gems stole credentials, injected cryptomining code appeared first on Help Net Security.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/IC33qgcAy-M/